A general purpose of access control is to allow access to a computing resource to individuals that are allowed access to it and deny access to individuals that are not allowed access. In contemporary IT infrastructure, access control is not a trivial task. Access control policies define different roles for individuals accessing computing resources. Access control policies may depend on time of access, location of access, and/or other contextual data. In conventional approaches to access control, a set of access control policies may contain policies that allow and deny access to the same resource at the same time, or some resources may not have enough policies describing access to them for all possible individuals. Prior attempts to resolve these issues include using methods based on formal logic. Methods based on formal logic can suffer, for example, from exponential growth of computational complexity and difficulties with representing time. As such, methods based on formal logic may not be feasible for policy sets containing a large amount of variables and/or time-based policies.